Accountability, Banking, Cybercrime and Information Security

Grandoreiro Banking Trojan is back and targets banks worldwide

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking

Banking Malware Antivirus Accountability

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS). Bank of America’s systems were not compromised.”

Data breaches

Data breaches Banking Identity Theft Ransomware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Security Affairs

FEBRUARY 19, 2024

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. ” concludes the report. ” concludes the report. .

Banking

Banking Malware Mobile Authentication

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Our research team also found some bank logs for sale, info stealers were possibly used to steal these logs. Bank logs : These are sets of data containing sensitive information about a bank account. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking

Banking Cybercrime Malware Accountability

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking

Banking Government Information Security Authentication

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. Interestingly, we observed that ERMAC 2.0

Banking

Banking Malware Cybercrime Phishing

Neo_Net runs eCrime campaign targeting clients of banks globally

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. The case was reported by security researcher Pol Thill. The threat actor also targeted banks in other regions, including Deutsche Bank, Crédit Agricole and ING. ” Thill explained.

Banking

Banking Phishing Social Engineering Authentication

New variant of BBTok Trojan targets users of +40 banks in LATAM

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. ” reads the report published by Check Point.

Banking

Banking Phishing Malware Hacking

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The authorities blocked 2,350 bank accounts linked to the illicit proceeds of online financial crime and intercepted over 27 million dollars. Pierluigi Paganini.

Cybercrime

Cybercrime Scams Banking Malware

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Spanish bank Globalcaja confirms Play ransomware attack

Security Affairs

JUNE 5, 2023

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients.

Banking

Banking Ransomware Data breaches Hacking

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). ” concludes the report.

Banking

Banking Telecommunications System Administration Hacking

Interpol arrested 75 members of the cybercrime ring Black Axe

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.

Cybercrime

Cybercrime Scams Banking Mobile

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime

Cybercrime Banking Identity Theft Hacking

SharkBot, a new Android Trojan targets banks in Europe

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report.

Banking

Banking Mobile Social Engineering Malware

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Security Affairs

MARCH 31, 2021

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. To lure victims, cybercriminals pose as bank representatives or customer support team members on Twitter. These fake account names also mimic official ones.

Banking

Banking Scams Accountability Media

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Crooks stole €1.5 million from German bank OLB cloning EMV cards

Security Affairs

SEPTEMBER 3, 2019

million from the German bank OLB by cloning customer debit cards and using them to cash out user funds across Brazil. million from the German bank Oldenburgische Landesbank (OLB) by cloning customer debit cards and using them to cash out user funds across Brazil. SecurityAffairs – OLB bank, cybercrime).

Banking

Banking Cybercrime Advertising Scams

Nexus, an emerging Android banking Trojan targets 450 financial apps

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking

Banking Cryptocurrency Malware Advertising

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. The further analysis of Dr Hex’ digital footprint revealed his association with other malicious activities.

Cybercrime

Cybercrime Phishing Banking Telecommunications

Chilean bank BancoEstado hit by REVil ransomware

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking

Banking Ransomware Advertising VPN

Australian Firstmac Limited disclosed a data breach after cyber attack

Security Affairs

MAY 13, 2024

Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. “It is important to note that our systems are secure. Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. ” continues the notice.

Data breaches

Data breaches Cyber Attacks Identity Theft Banking

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

Security Affairs

SEPTEMBER 27, 2021

ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from Threatfabric found in July a new Android banking trojan dubbed ERMAC that is almost fully based on the popular banking trojan Cerberus. SecurityAffairs – hacking, banking trojan). 3k$ per month.

Banking

Banking Malware Mobile Encryption

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Security Affairs

FEBRUARY 22, 2024

barely and cannot afford to leave the camp, nor to operate his own bank account but only to survive miserably. “ Do you ensure that you do not run away with the money once it is received in your bank account? ”. “ In order to scan, attach and send the copies, I will have to go to a center very far from our camp .”

Scams

Scams Banking Computers and Electronics Accountability

SharkBot Banking Trojan spreads through fake AV apps on Google Play

Security Affairs

APRIL 9, 2022

Researchers from the Check Point Research (CPR) team discovered several malicious Android apps on the official Google Play Store masqueraded as antivirus solutions that were used to deliver the SharkBot banking Trojan. Sharkbot is an information stealer steals used by crooks to siphon credentials and banking information.

Banking

Banking Antivirus Malware Accountability

BitRAT campaign relies on stolen sensitive bank data as a lure

Security Affairs

JANUARY 3, 2023

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages.

Banking

Banking Malware Phishing DDOS

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Neverquest was used by cyber criminals to steal login credentials from banking customers, it leverages on injection mechanisms to provide users fake forms into legitimate banking websites.

Banking

Banking Malware Advertising Passwords

Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 26, 2024

million individuals North Korea-linked Kimsuky used a new Linux backdoor in recent attacks International Press – Newsletter Cybercrime Healthcare company WebTPA discloses breach affecting 2.5

Healthcare

Healthcare Spyware Data breaches Banking

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

Security Affairs

JANUARY 3, 2024

Resecurity has uncovered a cybercriminal faction known as “ GXC Team “, who specializes in crafting tools for online banking theft, ecommerce deception, and internet scams. For the tool to function, the operator must input a list of compromised email accounts to be scanned.

Artificial Intelligence

Artificial Intelligence Banking Scams Cybercrime

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime

Cybercrime Banking Accountability Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, the Ukrainian national Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew.

Malware

Malware Cybercrime Banking Hacking

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. Accounting for humans.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Security Affairs

APRIL 5, 2023

The discovery of STYX coincides with Resecurity financial crime risk analysts observing a significant increase in threat actors offering money-laundering services that exploit digital banking and cryptocurrency accounts. Resecurity’s investigation of STYX also yielded the discovery of 100 mules accounts.

Banking

Banking Cybercrime Accountability Risk

Law enforcement Operation HAECHI IV led to the seizure of $300 Million

Security Affairs

DECEMBER 20, 2023

The investigators used INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) to detect online fraudulent transactions, and then froze the associated bank and virtual asset service provider (VASP) accounts. Police in member countries froze the assets and investigations are ongoing.

Scams

Scams eCommerce Banking Cybercrime

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

Security Affairs

FEBRUARY 19, 2019

According to a new research conducted by Group-IB experts, 74 percent of Russian banks were not ready for cyberattacks. Even so, 74 percent of Russian banks were not ready for cyberattacks , 29 percent were found to be actively infected with malware, and in 52 percent of cases traces of past attacks were detected.

Banking

Banking Marketing Cybercrime Information Security

European police arrested tens of members of two SIM Hijacking Gangs

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. The authorities arrested tens of individuals in Spain and Romania. .

Banking

Banking Cybercrime Mobile Accountability

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

. “Comprised of several layers of members mainly from Latvia, Georgia, Bulgaria, Romania, and Belgium, the QQAAZZ network opened and maintained hundreds of corporate and personal bank accounts at financial institutions throughout the world to receive money from cybercriminals who stole it from accounts of victims.”

Malware

Malware Banking Cryptocurrency Cybercrime

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

The BTC-e virtual currency is popular in the cybercrime underground because it was used by crooks to launder funds for illegal activities. million to overseas bank accounts controlled by Bilyuchenko, Verner, and their co-conspirators.” ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.

Malware

Malware Ransomware Banking Healthcare

Police dismantled a gang that used phishing sites to steal credit cards

Security Affairs

FEBRUARY 22, 2022

The cybercrime unit of the Ukrainian police has arrested a group of cybercriminals who managed to steal payment card data from at least 70,000 people by setting up mobile fake top-up services. The police arrested five that created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens.

Phishing

Phishing Banking Mobile Telecommunications

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

Security Affairs

OCTOBER 23, 2023

. “The investigation began at the beginning of this year by specialized agents of the Central Cybercrime Unit, when they identified a criminal network that illegally accessed databases of various financial and credit entities, entering different amounts of money into client accounts from the credit institution.

Computers and Electronics

Computers and Electronics Scams Cybercrime Phishing

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

Burkov calls himself a specialist in information security and denies having committed the crimes for which he’s been charged. A screen shot from the Mazafaka cybercrime forum, circa 2011. K0pa also was a top staff member at Verified , among the oldest and most venerated of Russian language cybercrime forums.

Cybercrime

Cybercrime Government Hacking Banking

Grandoreiro Banking Trojan is back and targets banks worldwide

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Webinars

Trending Sources

Bank of America customer data compromised after a third-party services provider data breach

Webinars

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Info stealers and how to protect against them

Many Public Salesforce Sites are Leaking Private Data

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Neo_Net runs eCrime campaign targeting clients of banks globally

New variant of BBTok Trojan targets users of +40 banks in LATAM

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

15 billion credentials available in the cybercrime marketplaces

Spanish bank Globalcaja confirms Play ransomware attack

Caketap, a new Unix rootkit used to siphon ATM banking data

Interpol arrested 75 members of the cybercrime ring Black Axe

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

SharkBot, a new Android Trojan targets banks in Europe

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Crooks stole €1.5 million from German bank OLB cloning EMV cards

Nexus, an emerging Android banking Trojan targets 450 financial apps

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Chilean bank BancoEstado hit by REVil ransomware

Australian Firstmac Limited disclosed a data breach after cyber attack

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

SharkBot Banking Trojan spreads through fake AV apps on Google Play

BitRAT campaign relies on stolen sensitive bank data as a lure

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Law enforcement Operation HAECHI IV led to the seizure of $300 Million

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

European police arrested tens of members of two SIM Hijacking Gangs

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Carbanak malware returned in ransomware attacks

Police dismantled a gang that used phishing sites to steal credit cards

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected